Hack the Army bug bounty program paid $275,000 in rewards

Hack the Army bug bounty program results: 146 valid vulnerabilities were reported by white hat hackers and more than $275,000 were paid in rewards.

The second Hack the Army bug bounty program ran between October 9 and November 15, 2019 through the HackerOne platform. The bug bounty program operated by the Defense Digital Service, along with the U.S. Department of Defense (DoD) paid more than $275,000 in rewards and a total of 146 valid vulnerabilities were reported.

52 white hat hackers took part in the Hack the Army bounty program, US army asked participants to test more than 60 publicly accessible web assets, including *.army.mil, *.goarmy.mil, and the Arlington Cemetery website.

Participants were from the U.S., Canada, Romania, Portugal, the Netherlands, and Germany.

“Participation from hackers is key in helping the Department of Defense boost its security practices beyond basic compliance checklists to get to real security,” said Alex Romero, Digital Service Expert at Department of Defense Defense Digital Service. “With each Hack the Army challenge, our team has strengthened its security posture.”

“The partnership with DDS demonstrates a fun and creative way to safely find solutions, so we look forward to building on this relationship to create future events,” said a US Army Cyber Command spokesperson.”

On November 20, during the awards ceremony held in Augusta, Georgia, the top three hackers @alyssa_herrera, @erbbysam, and @cdl were rewarded for their contributions. The three experts also spoke about their experience in the program

“The Department of Defense programs are some of my favorites to hack on, and Hack the Army 2.0 was one of the most rewarding,” said second place winner @alyssa_herrera. “It is so exciting to know that the vulnerabilities I find go towards strengthening Army defenses to protect millions of people. Coming in second place and being invited to spend time with the hackers and soldiers I worked alongside made the impact we made in this Challenge feel even bigger.”

More information on the past edition of the Hack the Army program and results are available here.

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – Hack the Army, hacking)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.